/*
* Dump information on a certificate to the debug log.
*/
static void
pxy_debug_crt(X509 *crt)
{
char *sj = ssl_x509_subject(crt);
if (sj) {
log_dbg_printf("Subject DN: %s\n", sj);
free(sj);
}
char *names = ssl_x509_names_to_str(crt);
if (names) {
log_dbg_printf("Common Names: %s\n", names);
free(names);
}
unsigned char fpr[SSL_X509_FPRSZ];
if (ssl_x509_fingerprint_sha1(crt, fpr) == -1) {
log_err_printf("Warning: Error generating X509 fingerprint\n");
} else {
log_dbg_printf("Fingerprint: " "%02x:%02x:%02x:%02x:"
"%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:"
"%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n",
fpr[0], fpr[1], fpr[2], fpr[3], fpr[4],
fpr[5], fpr[6], fpr[7], fpr[8], fpr[9],
fpr[10], fpr[11], fpr[12], fpr[13], fpr[14],
fpr[15], fpr[16], fpr[17], fpr[18], fpr[19]);
}
#ifdef DEBUG_CERTIFICATE
/* dump certificate */
log_dbg_print_free(ssl_x509_to_str(crt));
log_dbg_print_free(ssl_x509_to_pem(crt));
#endif /* DEBUG_CERTIFICATE */
}
END_TEST
START_TEST(ssl_x509_names_to_str_02)
{
X509 *c;
char *names;
c = ssl_x509_load(TESTCERT2);
fail_unless(!!c, "loading certificate failed");
names = ssl_x509_names_to_str(c);
fail_unless(!!names, "no string");
fail_unless(!strcmp(names, "SSLsplit Root CA"), "wrong name string");
X509_free(c);
}
END_TEST
START_TEST(ssl_x509_names_to_str_01)
{
X509 *c;
char *names;
c = ssl_x509_load(TESTCERT);
fail_unless(!!c, "loading certificate failed");
names = ssl_x509_names_to_str(c);
fail_unless(!!names, "no string");
fail_unless(!strcmp(names,
"daniel.roe.ch/daniel.roe.ch/www.roe.ch/*.roe.ch"),
"wrong name string");
X509_free(c);
}
